Hey Cyher,
I conducted ComboFix, but a small problem I had was that despite turning off my antivirus, ComboFix kept telling me that it was on but it would work anyway. I'm not sure if that is an issue.
Here's the ComboFix log:
ComboFix 10-05-21.06 - Sagar 22/05/2010 18:03:42.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1014.556 [GMT 1:00]
Running from: c:\documents and settings\Sagar\My Documents\Downloads\ComboFix.exe
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\Sagar\Favorites\Download programs.url
c:\documents and settings\Sagar\Favorites\Games.url
c:\documents and settings\Sagar\Favorites\Translator.url
c:\documents and settings\Sagar\Favorites\Videos.url
c:\documents and settings\Sagar\Start Menu\Programs\Download programs.url
c:\documents and settings\Sagar\Start Menu\Programs\Games.url
c:\documents and settings\Sagar\Start Menu\Programs\Translator.url
c:\documents and settings\Sagar\Start Menu\Programs\Videos.url
c:\windows\system32\2559057699.dat
c:\windows\system32\AutoRun.inf
----- BITS: Possible infected sites -----
hxxp://goldencaravela.net
Infected copy of c:\windows\system32\DRIVERS\isapnp.sys was found and disinfected
Restored copy from - Kitty had a snack :p
.
((((((((((((((((((((((((( Files Created from 2010-04-22 to 2010-05-22 )))))))))))))))))))))))))))))))
.
2010-05-22 16:58 . 2008-04-13 18:36 37248 ----a-w- c:\windows\system32\drivers\isapnp.sys
2010-05-22 16:58 . 2008-04-13 18:36 37248 ----a-w- c:\windows\system32\dllcache\isapnp.sys
2010-05-22 16:50 . 2010-05-22 16:50 -------- d-----w- c:\documents and settings\Sagar\Application Data\Tific
2010-05-22 16:50 . 2010-05-22 16:50 -------- d-----w- c:\documents and settings\Sagar\Local Settings\Application Data\Symantec
2010-05-21 16:08 . 2010-05-21 16:08 -------- d-----w- c:\program files\ESET
2010-05-21 11:44 . 2010-05-21 11:44 -------- d-----w- C:\_OTM
2010-05-21 11:40 . 2010-05-21 11:40 -------- d-----w- c:\program files\ERUNT
2010-05-21 11:20 . 2010-05-06 04:01 47408 ----a-r- c:\windows\system32\drivers\SymIM.sys
2010-05-09 23:36 . 2010-05-09 23:36 -------- d--h--w- c:\windows\system32\WLANProfiles
2010-05-09 11:29 . 2010-05-09 11:29 -------- d-----w- c:\program files\Google
2010-05-08 18:09 . 2010-05-21 11:17 23040 ----a-w- c:\windows\system32\drivers\mouclass.sys
2010-05-08 18:09 . 2010-05-20 16:09 23040 ----a-w- c:\windows\system32\dllcache\mouclass.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-22 17:18 . 2007-02-06 20:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-21 12:28 . 2009-11-20 17:52 -------- d-----w- c:\program files\Trend Micro
2010-05-21 11:44 . 2006-12-01 21:48 -------- d-----w- c:\program files\MSN Messenger
2010-05-20 17:57 . 2009-11-21 18:06 -------- d-----w- c:\documents and settings\Sagar\Application Data\SUPERAntiSpyware.com
2010-05-20 17:57 . 2009-11-21 18:06 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-05-20 17:55 . 2006-08-25 16:16 -------- d-----w- c:\program files\Java
2010-05-20 08:39 . 2004-08-11 16:00 22008 ----a-w- c:\windows\system32\userinit.exe
2010-05-13 10:04 . 2010-04-20 17:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-08 16:34 . 2009-09-05 14:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Tablet
2010-05-02 10:28 . 2010-04-17 12:01 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-29 14:39 . 2010-04-20 17:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 14:39 . 2010-04-20 17:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-17 12:01 . 2010-04-17 12:01 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-04-02 10:56 . 2009-08-25 21:12 -------- d-----w- c:\program files\McAfee
2010-04-01 14:22 . 2010-04-01 14:22 -------- d-----w- c:\program files\Common Files\McAfee
2010-04-01 14:21 . 2006-08-25 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-04-01 13:10 . 2006-08-25 16:27 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-01 12:25 . 2006-08-25 16:27 -------- d-----w- c:\program files\Symantec
2010-04-01 12:25 . 2010-04-01 12:25 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-04-01 12:25 . 2010-04-01 12:25 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-04-01 12:25 . 2010-04-01 12:25 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-04-01 12:25 . 2010-04-01 12:25 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-04-01 12:25 . 2010-04-01 12:25 -------- d-----w- c:\program files\Norton Internet Security
2010-04-01 12:25 . 2010-04-01 12:25 -------- d-----w- c:\program files\Windows Sidebar
2010-04-01 12:25 . 2010-04-01 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-04-01 12:24 . 2010-04-01 12:22 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-04-01 12:22 . 2010-04-01 12:22 -------- d-----w- c:\program files\NortonInstaller
2010-04-01 12:20 . 2006-08-25 16:31 -------- d-----w- c:\program files\McAfee.com
2010-03-10 06:15 . 2004-08-11 16:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:24 . 2004-08-11 16:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2004-08-11 16:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 16:43 . 2010-02-23 16:43 1923768 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2007-06-05 16:19 . 2007-06-05 16:18 918874 ----a-w- c:\program files\TB.log
2007-09-09 02:46 . 2006-08-31 11:42 56 --sh--r- c:\windows\system32\A1CF96F6F6.sys
2007-11-04 00:23 . 2006-08-30 10:38 88 -csh--r- c:\windows\system32\F6F696CFA1.sys
2007-11-04 00:23 . 2006-08-30 10:38 6580 -csha-w- c:\windows\system32\KGyGaAvL.sys
.
------- Sigcheck -------
[-] 2010-05-20 08:39 . 3720136C5B742C20144FA4E945BB5C7B . 22008 . . [------] . . c:\windows\system32\userinit.exe
[7] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[7] 2004-08-04 . 39B1FFB03C2296323832ACBAE50D2AFF . 24576 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\NetWaiting.exe" [2003-09-10 20480]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2006-07-16 389120]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-09-26 3660848]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-08-20 2000120]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-05-01 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-05-01 602182]
"CTSVolFE.exe"="c:\program files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 57344]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2007-12-07 71008]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-04 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-04 455168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
AOL Companion.lnk - c:\program files\AOL Companion\companion.exe [2006-8-25 250992]
Dell Network Assistant.lnk - c:\windows\Installer\{0240BDFB-2995-4A3F-8C96-18D41282B716}\Icon0240BDFB3.exe [2006-8-25 7168]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-8-25 24576]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\AOL 9.0\\waol.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"c:\\Program Files\\Dell Network Assistant\\ezi_hnm2.exe"=
"c:\\Program Files\\Common Files\\AOL\\1235323325\\ee\\aolsoftware.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Adobe\\Adobe After Effects CS4\\Support Files\\AfterFX.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10421:UDP"= 10421:UDP:SingleClick Discovery Protocol
"10426:UDP"= 10426:UDP:SingleClick ICC
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"56407:TCP"= 56407:TCP:Pando Media Booster
"56407:UDP"= 56407:UDP:Pando Media Booster
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [21/05/2010 09:47 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [21/05/2010 09:47 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\BASHDefs\20100429.001\BHDrvx86.sys [29/04/2010 18:44 537136]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [21/05/2010 09:47 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [21/05/2010 09:47 116784]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [01/04/2010 15:21 93320]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [21/05/2010 09:47 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [01/04/2010 16:45 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\Definitions\IPSDefs\20100513.002\IDSXpx86.sys [17/05/2010 20:13 329592]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [18/07/2009 22:52 131072]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [18/07/2009 22:52 79104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.skybroadband.com
Trusted Zone: internet
Trusted Zone: mcafee.com
FF - ProfilePath - c:\documents and settings\Sagar\Application Data\Mozilla\Firefox\Profiles\dnflfdwe.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.5.0.127\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\McAfee\SiteAdvisor\components\McFFPlg.dll
FF - plugin: c:\documents and settings\Sagar\Application Data\Mozilla\Firefox\Profiles\dnflfdwe.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07076007.dll
FF - plugin: c:\program files\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-{9972BAAC-8A55-7E95-38B9-639DA799D67B} - c:\documents and settings\Sagar\Application Data\Lyazga\tyyd.exe
HKLM-Run-DMXLauncher - c:\program files\Dell\Media Experience\DMXLauncher.exe
SafeBoot-klmdb.sys
AddRemove-McAfee Uninstall Utility - c:\progra~1\McAfee.com\Shared\mcappins.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-22 18:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\p*|*0 ]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\à*w*0 ]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\ø*w*0 ]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders\¬ 2*]
"Path"="c:\\WINDOWS\\system32\\config\\systemprofile\\Application Data\\Intel\\Wireless\\"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(4028)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKeeper.exe
c:\program files\Common Files\AOL\ACS\AOLAcsd.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
c:\program files\Dell Network Assistant\hnm_svc.exe
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\stsystra.exe
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\Dell Network Assistant\ezi_hnm2.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\AOL\1235323325\ee\aolsoftware.exe
.
**************************************************************************
.
Completion time: 2010-05-22 18:27:42 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-22 17:27
Pre-Run: 33,510,236,160 bytes free
Post-Run: 33,514,946,560 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 6D8A274D0BA4F97FE3FE06824639770A
Performance-wise, my computer continues to have the startup problem, but the redirections have stopped.